145 – Inappropriate coding practices - Cyclomatic complexity

Description

The application has source code with high McCabe cyclomatic complexity, making the code difficult to understand and maintain, promoting the appearance of new security vulnerabilities and hindering their detection and solution.

Impact

Promote the creation of security vulnerabilities

Recommendation

Refactor the complex code by simplifying methods, subroutines or conditionals

Threat

Authenticated attacker from the Internet with write access to the code.

Expected Remediation Time

30 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: H
• Attack Requirements: N
• Privileges required: H
• User interaction: N
• Confidentiality (VC): N
• Integrity (VI): L
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: P

Requirements

• 379 - Keep low McCabe cyclomatic complexity

Fixes

• Csharp
• Dart
• Elixir
• Go
• Java
• Php
• Python
• Ruby
• Scala
• Swift
• Typescript

Last updated

2024/02/14